Closed Bug 1411675 Opened 8 years ago Closed 8 years ago

Enable CDN's to be used by creating a separate setting for restricting untrusted endpoints

Categories

(developer.mozilla.org Graveyard :: File attachments, enhancement, P1)

Product:
developer.mozilla.org Graveyard
Component:
File attachments
Platform:
All
Other
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rjohnson, Assigned: rjohnson)

Details

(Whiteboard: [specification][type:change])

What feature should be changed? Please provide the URL of the feature if possible. ================================================================================== Both of the following: kuma.core.middleware.RestrictedEndpointsMiddleware kuma.core.middleware.RestrictedWhiteNoiseMiddleware currently restrict based on settings.ATTACHMENTS_HOST, which is also used to construct the file-attachment URL's. In order to enable the use of a CDN for the file-attachment and code-sample endpoints, we need a separate setting for restricting endpoints, say for example ATTACHMENTS_ORIGIN, while continuing to use ATTACHMENTS_HOST for constructing the file-attachment URL's. What problems would this solve? =============================== Enables the use of a CDN for the untrusted-domain endpoints. Who would use this? =================== All users of MDN. What would users see? ===================== Better page-load performance since the file attachments and code samples would be served more quickly from the CDN. What would users do? What would happen as a result? =================================================== Users would not have to do anything. Is there anything else we should know? ====================================== No.
Assignee: nobody → rjohnson
Commits pushed to master at https://github.com/mozilla/kuma https://github.com/mozilla/kuma/commit/50b7ef17cd69346abc8a08a0309563183f94828a bug 1411675: add setting for ATTACHMENT_ORIGIN https://github.com/mozilla/kuma/commit/671e07dab26150ded0a2fe622aba8184b9a0bd7e Merge pull request #4479 from escattone/new-setting-for-cdn-origin-for-untrusted-domain-1411675 bug 1411675: add setting for ATTACHMENT_ORIGIN
Commits pushed to master at https://github.com/mozilla/kuma https://github.com/mozilla/kuma/commit/c98410a4d71f8bab0c4d08d4c1ed7cd5eea39f29 bug 1411675: fix base.html jinja2 template to check for untrusted-cdn origin https://github.com/mozilla/kuma/commit/b3d102fceaff2fc69646b1909a6898bba21bb664 Merge pull request #4483 from escattone/fix-jinja-1411675 bug 1411675: fix base.html jinja2 template to check for untrusted-cdn origin
Status: NEW → RESOLVED
Closed: 8 years ago
Priority: -- → P1
Resolution: --- → FIXED
Product: developer.mozilla.org → developer.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.